rdap_ allowed_ purposes
Registry Context
`rdap_allowed_purposes` is a this claim describes the set of RDAP query purposes that are available to an identity that is presented for access to a protected RDAP resource. claim.
Technical Summary
Federated Authentication for the Registration Data Access Protocol (RDAP) Using OpenID Connect Section 3.1.5.1 defines `rdap_allowed_purposes` for JWT claim sets with the registry description: This claim describes the set of RDAP query purposes that are available to an identity that is presented for access to a protected RDAP resource..
When Used
Used in JWTs that follow Federated Authentication for the Registration Data Access Protocol (RDAP) Using OpenID Connect Section 3.1.5.1.
Normative Requirements
Identity provider
9560 - Section 3.1.5.1
assign appropriate purpose values only to end-user identities that are authorized to use them..
Condition: When assigning purpose values to an end user credential.
Identity providers MUST ensure that appropriate purpose values are only assigned to end user identities that are authorized to use them.
RDAP server
9560 - Section 3.1.5.1
ignore unrecognized purpose values and process the query as if the unrecognized value was absent..
Condition: When processing the `rdap_allowed_purposes` claim.
Unrecognized purpose values MUST be ignored, and the associated query MUST be processed as if the unrecognized purpose value was not present at all.
Validation Guidance
When processing `rdap_allowed_purposes`, apply the syntax and semantics from Federated Authentication for the Registration Data Access Protocol (RDAP) Using OpenID Connect Section 3.1.5.1.
Treat `rdap_allowed_purposes` as profile-specific unless the JWT explicitly follows the referenced specification.
Reference
Details
- Entry Id
rdap_allowed_ purposes - Claim Name
rdap_allowed_ purposes - Claim Description
This claim describes the set of RDAP query purposes that are available to an identity that is presented for access to a protected RDAP resource.- Change Controller
IETF- Reference
RFC9560 - Section 3.1.5.1